
Hello All, 

 

We have an internal DNS server that we want to use for external use. We are having problems getting it to work. We can't seem to be able to resolve anything.

 

The server is running Windows 2019. I have also enabled DNS through the firewall.

CPU: AMD Ryzen 5 5600X | CPU Cooler: Stock AMD Cooler | Motherboard: Asus ROG STRIX B550-F GAMING (WI-FI) | RAM: Corsair Vengeance LPX 32 GB (4x 8 GB) DDR4-3000 CL16 | GPU: Nvidia GTX 1060 6GB Zotac Mini | Case: K280 Case | PSU: Cooler Master B600 Power supply | SSD: 1TB  | HDDs: 1x 250GB & 1x 1TB WD Blue | Monitor: 24" Acer S240HLBID | OS: Win 11 Pro.

 

Home Lab:  Lenovo ThinkCenter M82 Hyper-V Server 2022 | Dell OptiPlex 9020 Hyper-V Server 2022 | TP-LINK TL-SG108E | Cisco Catalyst C2960CG 8 Port Switch | HP MicroServer G8 SCCM Server | 2x Dell PowerEdge R630 Hyper-V Server 2022

 

 

https://linustechtips.com/topic/1214113-internal-dns-port-forwarding/


1 minute ago, Ubuntu is love said:

What do you mean with use for external use?

For resolving IP addresses and hostnames.


Just now, Ubuntu is love said:

You want to resolve internal IP addresses from external?

Yes. We are using NOIP as our DNS provider but it is becoming too costly and we want to use our own DNS servers. Mainly for reverse DNS.


1 minute ago, Sir Asvald said:

Yes. We are using NOIP as our DNS provider but it is becoming too costly and we want to use our own DNS servers. Mainly for reverse DNS.

Why not use a VPN service? Like L2TP/IPSec VPN on Windows Server 2019? Or if customers need to use services, maybe use a proxy server (for web services, maybe something easy like Apache proxy?). It's possible what you are trying to do. But that's going to be a real pain in the ass what you are trying to do. And not even talking about the security.....


9 minutes ago, Sir Asvald said:

Yes. We are using NOIP as our DNS provider but it is becoming too costly and we want to use our own DNS servers. Mainly for reverse DNS.

Do you have a domain-name? You won't be able to do this without one.

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.


6 minutes ago, Ubuntu is love said:

Why not use a VPN service? Like L2TP/IPSec VPN on Windows Server 2019? Or if customers need to use services, maybe use a proxy server (for web services, maybe something easy like Apache proxy?). It's possible what you are trying to do. But that's going to be a real pain in the ass what you are trying to do. And not even talking about the security.....

Why would I need a VPN? Nothing to do with any customers... These are for our own services. No customers are connecting to anything.


1 minute ago, WereCatf said:

Do you have a domain-name? You won't be able to do this without one.

Of course we have a domain name...


Just now, WereCatf said:

Do you have a domain-name? You won't be able to do this without one.

Yes you can, if you say that your main DNS server is his server. But then the client will ask everything from that DNS server. And if it is external, it will add a lot of delay. But let's just say.... it's not a best practice at all......


Just now, Ubuntu is love said:

Yes you can, if you say that your main DNS server is his server.

Well, yes, if you manually set the DNS-server to his server on every device manually, but I assumed OP wants Internet-side devices to be able to resolve the addresses without manually setting the DNS-server on every single device.


37 minutes ago, WereCatf said:

Well, yes, if you manually set the DNS-server to his server on every device manually, but I assumed OP wants Internet-side devices to be able to resolve the addresses without manually setting the DNS-server on every single device.

That's the only way to resolve DNS names in that way. But I think @OP is looking for a proxy server and not a DNS server.


Just now, Ubuntu is love said:

That's the only way to resolve DNS-names in that way.

No, it's not. Typically domain-providers allow you to set up your own DNS-servers for the domains under your control, like e.g. Namecheap does.


1 minute ago, WereCatf said:

No, it's not. Typically domain-providers allow you to set up your own DNS-servers for the domains under your control, like e.g. Namecheap does.

True, but that's for your domain only. But let's say you have 2 webservers in your network, each with a different domain name. You can only port forward with one port. But you have 2 webservers. Internally you can use a DNS service for that. But if you are external, you need a VPN to be inside the internal network. Or you set up a proxy server. If you then type in one of the domain names, you end up on the proxy server and it sends you to the right server where you need to be. Kinda works like an internal DNS but then for external.


1 minute ago, Ubuntu is love said:

True, but that's for your domain only. But let's say you have 2 webservers in your network, each with a different domain name. You can only port forward with one port. But you have 2 webservers. Internally you can use a DNS service for that. But if you are external, you need a VPN to be inside the internal network. Or you set up a proxy server. If you then type in one of the domain names, you end up on the proxy server and it sends you to the right server where you need to be. Kinda works like an internal DNS but then for external.

You are mixing two different concepts. DNS is one thing, proxy is another. You still need DNS even if you were also using a proxy.


This is what I need. @Ubuntu is love Not a proxy...

15 minutes ago, WereCatf said:

Well, yes, if you manually set the DNS-server to his server on every device manually, but I assumed OP wants Internet-side devices to be able to resolve the addresses without manually setting the DNS-server on every single device.

 

Just now, WereCatf said:

You are mixing two different concepts. DNS is one thing, proxy is another. You still need DNS even if you were also using a proxy.

Thank you. I don't need a proxy server... 


2 minutes ago, Sir Asvald said:

This is what I need. @Ubuntu is love Not a proxy...

Check your domain-name provider's settings for whether they offer an option for you to use your own DNS-server for your domain. Though, it very rarely makes any sense to do that, since most providers offer perfectly good DNS-services of their own, including the option to use a client to update the DNS-records when your IP-address changes automatically.

 

I have been Namecheap-customer for years, I have multiple domains there and I just use their DNS-servers and update the records from my Pfsense-router automatically.

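An added example, not part of the thread or any poster's code: once the domain is pointed at your own DNS server and port 53 is forwarded to it, the reply header to a query sent from outside shows whether the server answers authoritatively, refuses, or offers recursion to the Internet. The function names, `www.example.com` and `203.0.113.10` are placeholders assumed for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """A-record query with RD=0, the way a resolver asks an authoritative server."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def classify(reply, txid=0x1234):
    """Read the 12-byte DNS header of a reply and say what the server did."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:            # QR bit must be set
        raise ValueError("not a reply to this query")
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused: server does not serve this zone to outside clients"
    if rcode == 0 and ancount and flags & 0x0400:    # AA bit
        verdict = "authoritative answer"
    elif rcode == 0 and ancount:
        verdict = "non-authoritative answer (zone is not hosted here)"
    else:
        verdict = "no answer (rcode %d)" % rcode
    if flags & 0x0080:                               # RA bit
        verdict += "; recursion is offered to this client"
    return verdict

def probe(server_ip, name, timeout=3.0):
    """Send the query over UDP/53 from a host outside the network."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)  # a timeout usually points at the port forward or firewall
        s.sendto(build_query(name), (server_ip, 53))
        return classify(s.recvfrom(512)[0])

# Constructed replies (documentation name and address, not captured traffic).
def _reply(flags, with_answer):
    q = build_query("www.example.com")
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([203, 0, 113, 10])
    head = struct.pack("!HHHHHH", 0x1234, flags, 1, 1 if with_answer else 0, 0, 0)
    return head + q[12:] + (rr if with_answer else b"")

SAMPLES = {
    "authoritative": _reply(0x8400, True),   # QR + AA
    "refused": _reply(0x8005, False),        # QR + rcode 5
    "recursive": _reply(0x8080, True),       # QR + RA, no AA
}
```

A server that only needs to answer for its own zones should not show "recursion is offered" to outside clients; that result is the one to fix before leaving port 53 open.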

2 minutes ago, WereCatf said:

Check your domain-name provider's settings for whether they offer an option for you to use your own DNS-server for your domain. Though, it very rarely makes any sense to do that, since most providers offer perfectly good DNS-services of their own, including the option to use a client to update the DNS-records when your IP-address changes automatically.

 

I have been Namecheap-customer for years, I have multiple domains there and I just use their DNS-servers and update the records from my Pfsense-router automatically.

Well NOIP is getting expensive.. need to look somewhere else


2 hours ago, Ubuntu is love said:

Maybe I did understand it wrong? But you mean you need this right:

This is the network layout:

 

[Image: network layout diagram]
